Package "c3p0"

Name:	c3p0
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: library for JDBC connection pooling library for JDBC connection pooling (documentation)
Latest version:	0.9.1.2-10ubuntu0.20.04.1
Release:	focal (20.04)
Level:	updates
Repository:	universe

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "c3p0" in Focal

Repository	Area	Version
base	universe	0.9.1.2-10
security	universe	0.9.1.2-10ubuntu0.20.04.1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 0.9.1.2-10ubuntu0.20.04.1 2022-02-22 12:06:18 UTC

c3p0 (0.9.1.2-10ubuntu0.20.04.1) focal-security; urgency=medium * SECURITY UPDATE: Billion laughs attacks in XML parsing - debian/patches/CVE-2019-5427.patch: Enable a wide variety of restrictions on XML parsing by default - CVE-2019-5427 -- Spyros Seimenis <email address hidden> Mon, 21 Feb 2022 15:29:11 +0200

CVE-2019-5427

c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity

About - Send Feedback to @ubuntu_updates

Package "c3p0"

Links

Other versions of "c3p0" in Focal

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

updates

proposed

security

PPA updates